Slashdot Mirror

← Back to Stories (view on slashdot.org)

New Worms Feed on MyDoom Infections

Posted by ryuzaki0 on from the sucks-to-run-windows dept.

JJP writes "ZDNet Australia is reporting that two new worms, Doomjuice and Deadhat, are taking over computers previously infected by the MyDoom virus. Apparently they try to uninstall the MyDoom virus and then take over the PC to start their own malignant work. Whilst the threat these two worms pose shouldn't be too big, both needing a MyDoom backdoor, it is still a novel way to spread a virus. In the Netherlands there is a newspaper reporting this proves MyDoom was initialy spread by organised crime in a dark plot to wage cyber-war and steal confidential data from our computers."

4 of 243 comments (clear)

  1. Re:Get a Mac by nickg78 · · Score: 0, Troll

    So, are you implying there is such a thing as a secure Windows box?

  2. Re:New Welchia Worm by stratjakt · · Score: 0, Troll

    Because your a clueless slashbot.

    Welchia had a much higher cost in terms of sucking away bandwidth. It brought down more network then the orignal worms did.

    --
    I don't need no instructions to know how to rock!!!!
  3. Re:Get a Mac by bill_mcgonigle · · Score: 1, Troll


    I'll just ask: is it possible for a binary file to open ports and send itself as an email attachment on a Mac? On a linux box?

    No, it's not possible - the x bit isn't set on an e-mail attachment so it can't be run. It would have to be chmodded +x before running.

    Windows's problem is that anything named .exe,.com,.bat,.scr,.pif, etc. is run as a program when opened. That's part of Windows's design and can't be "fixed".

    --
    My God, it's Full of Source!
    OUTSIDE_IP=$(dig +short my.ip @outsideip.net)
  4. note to metamods by bill_mcgonigle · · Score: 0, Troll

    the 'troll' on this one was part of a mod-bomb.

    --
    My God, it's Full of Source!
    OUTSIDE_IP=$(dig +short my.ip @outsideip.net)